Method and Apparatus for Implementing Control of Multiple Physically Dual Homed Devices

ABSTRACT

A ring control protocol is used to establish a separate control plane for a plurality of physically dual homed devices to enable collections of dual homed devices to be represented by a single pair of addresses into the attached routed Ethernet network. The gateway devices analyze the passing ring control packets to create direct mappings for data packets to the routed Ethernet network. Thus, although the dual homed devices are treated as a ring from a control perspective, the data path is implemented to be direct so that data packets continue to flow directly from the dual homed devices to each of the attached gateway devices. In one embodiment, each of the gateway devices implements a virtual switch and advertises the MAC address of the virtual switch into the routed Ethernet network rather than the MAC addresses of each of the attached Ethernet Switch Units.

TECHNICAL FIELD

The present invention relates to communication networks and, moreparticularly, to a method and apparatus for implementing control ofmultiple physically dual homed devices.

BACKGROUND

Data communication networks may include various switches, routers, hubs,and other devices coupled to and configured to receive data and forwardthe data on the network. These devices will be referred to herein as“network elements.” A network element is generally not a consumer of thedata, but rather is used to receive and forward data so that the datamay pass through the network. Data is communicated through a network byenabling the network elements to pass protocol data units, such asframes, packets, cells or segments, between each other overcommunication links. A particular protocol data unit may be handled bymultiple network elements and cross multiple communication links as ittravels between its source and its destination over the network.

The various network elements on the communication network communicatewith each other using predefined sets of rules, referred to herein asprotocols. Different protocols are used to govern different aspects ofthe communication, such as how signals should be formed for transmissionbetween the network elements, various aspects of what the protocol dataunits should look like, how protocol data units should be handled orrouted through the network by the network elements, and how informationsuch as routing information should be exchanged between the networkelements.

A network service provider will generally implement one or more datacenters to enable customers to connect to a communication network suchas the Internet. Likewise, in an enterprise, a data center may be usedto house servers that enable users to connect to the corporate networkor which provide other services on the network. Example services includedatabase services, email services, etc.

In a data center, a large number of servers (e.g. 24 servers) may behoused in a rack and connected to an Ethernet Switch Unit which connectsthe servers to a communication network. Typically, the Ethernet SwitchUnit will be co-located with the rack of servers. The Ethernet switchunit will then connect to a large Gateway switch which will connect theEthernet switch unit to higher bandwidth network such as a routedEthernet network.

FIG. 1 shows an example data center in which servers 10 connect to oneor more Ethernet switch units 12, which in turn are connected togateways 14. The gateways 14 provide connectivity to a routed Ethernetnetwork 16. The Ethernet switch units will generally be dual-homed to apair of gateway switches so that, if one of the gateway switches shouldfail, the other gateway can assume responsibility for forwarding trafficinto the routed Ethernet network. For example, in FIG. 1, each of theEthernet switch units 12 are connected to two different gateways (e.g.dual homed) to a pair of gateway switches 14. The gateway switches mayindividually assume responsibility to represent particular ESUs into therouted Ethernet network or, alternatively, may collaboratively representthe ESUs into the routed Ethernet network by treating the links from theESUs to the gateways as a split multi-link trunk.

Although it is possible to envision multiple ESUs in a chain connectedto a pair of gateway nodes, such a configuration is vulnerable tomultiple failures. Hence dual homing of individual switches directly tothe gateways is desirable since the configuration is less susceptible tofailure.

Large data centers may require layer two connectivity for communities of10s to 100s of thousands of servers. To enable this configuration to beable to scale, one of the key metrics to consider is the number of MACaddresses the gateway is required to advertise into the routed Ethernetnetwork to represent the set of subtending servers. Specifically, whenthe ESU is connected directly to the gateway, the gateway will need toadvertise the MAC address of the port via which the ESU is reached intothe routed Ethernet network Normally as the number of Ethernet switchunits increases, the associated number of ports, and hence the number ofMAC addresses being advertised into the routed Ethernet network (e.g. anEthernet network implemented using 802.1aq Shortest Path BackboneBridging, although this may also apply to 802.1ah spanning treecontrolled Ethernet networks) may become excessive and expensive for thecore to maintain. Accordingly, it would be advantageous to provide a wayto reduce the number of MAC addresses that is required to be advertisedinto the routed Ethernet network.

SUMMARY OF THE INVENTION

One or more ring control protocol instances are run on the multiplephysically dual homed devices in such a way that enables collections ofdual homed devices to be represented by a single pair of addresses intothe attached routed Ethernet network. The gateway devices analyze thepassing ring control packets to create direct mappings for data packetsto the routed Ethernet network. Thus, although the dual homed devicesare treated as a ring from a control perspective, the data path isimplemented to be direct so that data packets continue to flow directlyfrom the dual homed devices to each of the attached gateway devices.Each of the gateway devices implements one or more virtual switches,which each serve to aggregate traffic from multiple attached ESUs intothe routed Ethernet network. Each virtual switch advertises its own MACaddress into the routed Ethernet network rather than the MAC addressesof each of the attached Ethernet Switch Units so that fewer MACaddresses will be advertised by each of the gateways. When resiliency isprovided for by a peer gateway, frames may be send to and received fromthe ESU directly or via the peer gateway (in failure scenarios). Framesthat are received from the Ethernet switch units are encapsulated at thevirtual switch using a new Ethernet header identifying the virtualswitch as the source of the data packets. In the reverse direction,frames of data will be addressed to the virtual switch, which will demuxpackets using the C-MAC Ethernet header to pass the frames onto thecorrect output port to the correct Ethernet switch unit. By running aseparate control plane between the Ethernet switch units and thegateway, a set of Ethernet switch units is able to be represented intothe routed Ethernet network using a pair of MAC addresses, whileenabling data paths to continue to flow directly between the Ethernetswitch units and the routed Ethernet network.

BRIEF DESCRIPTION OF THE DRAWINGS

Aspects of the present invention are pointed out with particularity inthe appended claims. The present invention is illustrated by way ofexample in the following drawings in which like references indicatesimilar elements. The following drawings disclose various embodiments ofthe present invention for purposes of illustration only and are notintended to limit the scope of the invention. For purposes of clarity,not every component may be labeled in every figure. In the figures:

FIG. 1 is a functional diagram of a reference network showing a dualhomed connection between Ethernet Switch Units and a pair of gateways;

FIG. 2 is a functional block diagram showing physical dual homedEthernet switch units interconnecting with a pair of gateway switches;

FIG. 3 shows the flow of control information between the network devicesarranged as shown in FIG. 2 according to one embodiment of theinvention;

FIG. 4 shows the logical flow of control information in the embodimentof FIG. 3;

FIGS. 5-6 show the flow of control information between the networkdevices arranged as shown in FIG. 2 according to another embodiment ofthe invention;

FIG. 7 shows the flow of data and the flow of control informationthrough one of the gateways according to the embodiment of the inventionshown in FIGS. 5-6; and

FIG. 8 shows the flow of data and the flow of control informationthrough one of the gateways according to the embodiment of the inventionshown in FIGS. 3-4.

DETAILED DESCRIPTION

FIG. 2 is a functional block diagram showing physical dual homedEthernet switch units interconnecting with a pair of gateway switches.As shown in FIG. 2, each of the Ethernet switch units connects via oneor more links to two or more Gateways 14. According to an embodiment,each of the gateways implements at least one virtual switch 18 thatsummarizes traffic from a plurality of Ethernet switch units into therouted Ethernet network 16. In one embodiment, the virtual switchperforms Mac-in-Mac encapsulation to add a B-MAC Ethernet header to thetraffic as described in IEEE 802.1ah. Each gateway may implementmultiple virtual switches, each of which is responsible for handlingtraffic for a set of the attached Ethernet switch units. By implementinga virtual switch, sets of subtending ESUs that have a common peergateway may be represented by a single MAC address into the routedEthernet network rather than requiring each ESU to be individuallyrepresented into the routed Ethernet network. Hence, the number of MACaddresses advertised into the core network may be reduced to increasescalability of the network.

According to an embodiment of the invention, one or more instances of aseparate control plane is implemented between the virtual switches andattached set of physically dual homed devices (e.g. Ethernet switchunits). The control plane, in one embodiment, is implemented using aring control protocol so that control messages, e.g. link stateadvertisements, will follow the logical ring rather than following thedata path on the network. By utilizing a ring control protocol, controlmessages may be exchanged between the set of attached physical deviceswhile enabling the set of attached physical devices to be representedinto the attached routed Ethernet network using a pair of MAC addresses.However, whereas the control plane is implemented using a ringarchitecture, the data path from each physically dual homed device tothe associated gateways remains point-to-point so that the selection ofa ring-based control protocol does not affect the data traffic patternson the network.

It should be noted that simply having a common MAC address for alldevices connected to the gateway node in many cases is not sufficient,this is because under failure of the node the recovery actions may notbe aligned. There may be customers directly attached to the switch, orsets of switches for which there is a different peer gateway in the dualhomed arrangement. Hence a MAC address is assigned for a set ofsubtending switches that have a common recovery behavior under failure.

Ethernet Shared Protection Rings (E-SPRING) is a protocol designed to beused to control an Ethernet ring network having a group of seriallyinterconnected nodes. E-SPRING is defined as ITU-T SG15/Q9, G.8032,which specifies how the nodes on the ring should handle unicast,multicast, and broadcast frames. It also specifies multiple serviceclasses, failure handling, and other aspects of how traffic should beforwarded by nodes on the Ethernet ring. The manner in which an Ethernetring operates is also described in greater detail in U.S. patentapplication Ser. No. 12/027,942, entitled Method And Apparatus ForControlling A Set Of Ethernet Nodes Interconnected To Form One Or MoreClosed Loops, filed Feb. 7, 2008, the content of which is herebyincorporated herein by reference. In one embodiment, the control planeassociated with the interconnection between the gateways and Ethernetswitch units is implemented using a ring control protocol. U.S. patentapplication Ser. No. 12/344,355, filed Dec. 26, 2008, describes a way ofenabling a network implemented using a ring control protocol to be dualhomed into an Ethernet network implementing a spanning tree controlprotocol, and U.S. patent application Ser. No. 12/344,362, filed Dec.26, 2008, describes a way of enabling a ring network implemented using aring control protocol to be dual homed into an Ethernet networkimplementing traffic engineered trunks. The content of each of theseapplications is hereby incorporated herein by reference.

FIG. 3 shows one example of how a ring control protocol may be usedaccording to one embodiment of the invention. In this embodiment, eachgateway has implemented a virtual switch that summarizes routes from themultiple Ethernet switch units into a single BMAC for advertisement onthe network. In this example, a separate ring protocol instance is usedfor each Ethernet Switch Unit. For example, as shown in FIG. 4, aseparate ring control instance may be used to create a logical controlring including one of the virtual switch instances in each of thegateways, as well as one of the Ethernet switch units. Thus, in FIG. 4,a first ring control protocol instance is used to control Ethernetswitch 1 and includes Ethernet Switch Unit 1, virtual switch 1, andvirtual switch 2. Likewise, a second ring control protocol instance isused to control Ethernet switch 2. In this embodiment, the second ringcontrol protocol instance includes Ethernet switch 2, virtual switch 1,and virtual switch 2.

The ring control protocol enables traffic to be forwarded from theEthernet switch unit to the correct gateway in a persistent manner sothat link failures between the Ethernet switch units and the gateways istransparent to the routed network. For example, assume that traffic fromEthernet switch unit 1 was to be forwarded by the left gateway in FIG. 2onto the routed Ethernet network. The ring control protocol mayimplement a blocking port on the port leading to the right gateway, sothat traffic flows from the Ethernet switch unit to the left gateway. Ifthere is a failure on the link between Ethernet Switch Unit 1 and theleft gateway, the ring control protocol will automatically remove theblocking port and move the blocking port to be adjacent the failure.This will cause the Ethernet switch unit to forward traffic out towardthe gateway on the right. The virtual switch in the right gateway willknow that it is not responsible for forwarding traffic into the routedEthernet network and will forward the traffic along the ring over theIST to the left gateway. The virtual switch in the left gateway willthus receive the traffic from the Ethernet switch unit 1 via the IST andforward the traffic into the routed Ethernet network. By implementing aring control protocol, local failures between the Ethernet switch unitsand the gateway may be hidden from the routed Ethernet network, so thateach end of the ring appears as an invariant B-MAC.

Although the control traffic flows as shown in FIG. 3, the data trafficfrom each of the switch units is passed to the selected virtual switchand is passed from the virtual switch onto the attached routed Ethernetnetwork. FIG. 8 shows an example of how the control traffic and datatraffic would be handled by a virtual switch. As shown in FIG. 8, thevirtual switch will forward data traffic onto the routed Ethernetnetwork and will forward control traffic over the IST to enable thecontrol traffic to pass over the ring to the other virtual switch. Ofcourse, as described above, under failure conditions there may beinstances where the virtual switch will also forward data traffic overthe IST. Accordingly, each virtual switch will only forward traffic forthat set of ESUs that it is responsible to represent into the routedEthernet network.

FIGS. 5-7 show another embodiment where groups of Ethernet switch unitsare logically formed into a single ring for control purposes by causingthe gateway switches to u-turn control packets to enable multipleEthernet switch units to exist on a common control ring. In theembodiment shown in FIG. 5, there are an even number of Ethernet switchunits, which enables each of the gateway switches to directlyinterconnect each of the Ethernet switch units on the ring. FIG. 6 showsanother example in which there is an odd number of Ethernet switchunits. In this instance one of the branches of the logical ring willneed to extend over the Inter-switch trunk to complete the ring.Although the example shown in FIG. 6 has the control traffic beingpassed over the IST, the invention is not limited in this regard as thecontrol traffic could instead be passed by the virtual switch over theattached routed network.

FIG. 7 shows the difference between the data path and the control pathin a gateway node. As shown in FIG. 7, interconnecting the Ethernetswitch units in a logical ring for control purposes only affects theflow of control packets between the Ethernet switch units. Specifically,in the embodiment shown in FIG. 7 the control packets are looped back toenable a group of Ethernet switch units to be logically interconnectedin a ring (e.g. as shown in FIG. 5 or 6) so that a ring control protocolmay be used to manage these devices. However, the data path associatedwith the Ethernet switch units is still point to point so that, when thegateway receives a data packet, it will forward the data packetsdirectly onto the PLSB network in a normal manner. Thus, implementingthe control plane using a ring control protocol does not affect themanner in which the gateway switches handle data traffic on the networkor how the gateway switches forward data onto the PLSB network.

The virtual switch 18 performs MAC learning to learn MAC addressesreachable via the attached ESU by watching the unique port the ESU isattached to. When the gateway receives a data packet from an attachedEthernet switch unit, it will pass the packet to the virtual switch,which will perform BMAC encapsulation to enable the packet to beforwarded over the attached routed Ethernet network. In the reversedirection, when the gateway receives a packet from the routed Ethernetnetwork, the virtual switch will read the client MAC address and use themapping to select an output port to forward the packet to the correctEthernet switch unit.

As discussed above, each of the Ethernet Switch Units aggregates trafficfrom multiple clients. Traffic from that ESU may then be forwarded to aparticular gateway or, alternatively, may be forwarded to virtualswitches on two or more gateways. Likewise, traffic from a particularESU may be forwarded to two or more virtual switches implemented on thesame gateway. Traffic from a particular ESU may be transmitted in one ormore VLANs to enable traffic to be directed to different virtualswitches within the same ESU, so that each ESU can aggregate a portionof the traffic for the ESU into the attached routed Ethernet network.

The functions described above may be implemented as a set of programinstructions that are stored in a computer readable memory and executedon one or more processors on the computer platform. However, it will beapparent to a skilled artisan that all logic described herein can beembodied using discrete components, integrated circuitry such as anApplication Specific Integrated Circuit (ASIC), programmable logic usedin conjunction with a programmable logic device such as a FieldProgrammable Gate Array (FPGA) or microprocessor, a state machine, orany other device including any combination thereof. Programmable logiccan be fixed temporarily or permanently in a tangible medium such as aread-only memory chip, a computer memory, a disk, or other storagemedium. All such embodiments are intended to fall within the scope ofthe present invention.

It should be understood that various changes and modifications of theembodiments shown in the drawings and described in the specification maybe made within the spirit and scope of the present invention.Accordingly, it is intended that all matter contained in the abovedescription and shown in the accompanying drawings be interpreted in anillustrative and not in a limiting sense.

1. A method of implementing control of multiple network devices, themultiple network devices being physically dual homed on a pair ofgateways configured to provide interconnectivity between the multiplenetwork devices and a routed Ethernet network, the method comprising thesteps of: implementing, by each gateway, at least one virtual switchinstance to represent the multiple dual homed network devices into therouted Ethernet network; and implementing at least one ring-basedcontrol protocol instance between the virtual switch instances and themultiple physically dual homed network devices to enable the virtualswitches to coordinate representation of the dual homed network devicesinto the routed Ethernet network.
 2. The method of claim 1, wherein afirst ring-based control protocol instance is implemented between afirst virtual switch instance on a first of the gateways, a secondvirtual switch instance on a second of the gateways, and a first of themultiple physically dual homed network devices to enable the firstgateway and second gateway to coordinate representation of the firstdual homed network device into the routed Ethernet network.
 3. Themethod of claim 2, wherein a second ring-based control protocol instanceseparate from the first ring-based control protocol instance isimplemented between the first virtual switch instance on the firstgateway, a second virtual switch instance on the second gateway, and asecond of the multiple physically dual homed network devices to enablethe first gateway and second gateway to coordinate representation of thesecond dual homed network device into the routed Ethernet network. 4.The method of claim 1, wherein a separate ring-based control protocolinstance is implemented for each of the dual homed network devices. 5.The method of claim 1, wherein a unified ring-based control protocolinstance is implemented for a set of two or more dual homed networkdevices.
 6. The method of claim 5, wherein each of the first and secondgateways U-turns control traffic received from the dual homed networkdevices to implement a logical ring including the virtual switchinstances and the two or more dual-homed network devices.
 7. The methodof claim 6, wherein the gateways are connected by an inter-gatewaytrunk, and wherein if the unified ring-based control protocol instanceis implemented to coordinate representation of an odd number of dualhomed network devices, the inter-switch trunk will be used to close thelogical ring.
 8. The method of claim 1, wherein control traffic and datatraffic are treated differently by the gateways.
 9. The method of claim1, wherein the virtual switch summarizes traffic into an attached routedEthernet network.
 10. The method of claim 9, wherein each virtual switchadvertises a single MAC address into the attached routed Ethernetnetwork so that MAC addresses of the represented dual homed networkdevices are not required to be advertised into the routed Ethernetnetwork.
 11. The method of claim 9, wherein each virtual switchrepresents a set of dual homed network devices with similar failovercharacteristics.
 12. The method of claim 1, wherein each of the dualhomed network devices is an Ethernet switch unit.
 13. A data center,comprising: a plurality of Ethernet switch units, each of the pluralityof Ethernet switch units providing connectivity to a plurality ofservers; at least two gateways providing connectivity between theEthernet switch units and a routed Ethernet network, each of thegateways implementing at least one instance of a virtual switch tosummarize MAC addresses of represented Ethernet switch units into therouted Ethernet network; communication links extending between each ofthe Ethernet switch units and at least two of the gateways to enableeach Ethernet switch unit to be dual homed on at least two of thegateways so that the Ethernet Switch Unit is provided with redundantconnectivity to the routed Ethernet network; and wherein at least oneEthernet ring control protocol instance is implemented within the datacenter to coordinate representation of the Ethernet switch units by thevirtual switches into the routed Ethernet network.
 14. The data centerof claim 13, wherein a separate Ethernet ring control protocol instanceis implemented for each of the Ethernet switch units.
 15. The datacenter of claim 14, wherein each virtual switch instance participates inmultiple separate Ethernet ring control protocol instances to enable thevirtual switch to represent multiple Ethernet switch units into therouted Ethernet network.
 16. The data center of claim 13, wherein aseparate Ethernet ring control protocol instance is implemented for setsof multiple Ethernet Switch Units.
 17. The data center of claim 16,wherein control packets received from one of the Ethernet Switch Unitswill be u-turned to be output toward another Ethernet switch unit sothat the control packets follow a logical ring, while data packets fromthe one of the Ethernet switch units will be forwarded directly onto therouted Ethernet network.